Catch a wave on an ocean of knowledge

Pronunciation Helper FREE is the best app for perfecting your accent in a foreign language.

German, English (US and British), Spanish, French, Italian, and Portuguese are all built in!

It’s as easy as 1, 2, 3!

Just type in a word or phrase in the selected language.

Press the speaker button to hear it. Slow it down or speed it up, and listen again.

Then it’s your turn to try it. Press the microphone button and repeat the word or phrase.

If you get a green check mark, congratulate yourself on a solid pronunciation. If you get a red X, try it again! Kids LOVE it! It is great fun to speak words in, to see if you spoke clearly enough to be understood. Then you can switch between languages and just listen to your phrase in all the different accents! Available now on Android phones and tablets:

Let’s continue talking about web sites that do more than just display the same data all the time. You can skip to the last paragraph if you just want the thing you need to know for the exam.
Scripting is the way to make that happen. If a programmer writes a script to make their site do something really cool, there are two places where that script can be processed. Client-side scripts send the code to the user’s computer to be run. Server-side scripts work their magic on the web server and send the results to the user. Client-side scripts rely on the users system to have a web browser that understands the script. If you don’t want to rely on the user, you can use server-side scripts that only rely on the server. It’s easier to make sure your server has the right capabilities, rather than all possible users who hit your site.
Real World Example: The most common client-side scripting language is Javascript. Next time you’re browsing the web, right click on the page, choose “view source” and look for some code that says Javascript. The most common server-side scripting languages these days are ASP.Net and PHP. Next time you browse the web look for an “aspx” or a “php” in the web address. You won’t be able to find any ASP.Net or PHP code in the source because the server already processed it and sent the results.
The security risk of server-side scripting lies in the fact that the server does whatever the script tells it to. If a bad guy can get his code onto the server, it will do whatever the bad guy wants it to.

Java, like ActiveX, allows web applications that do a lot more than HTML. Unlike ActiveX, it isn’t tied to Microsoft products. This means you can run Java applets on Microsoft systems as well as other platforms, like Linux and Mac OS.
When you install Java on a system, you are giving it a Java virtual machine that will run the Java applet inside itself. The applet doesn’t know what OS you have installed because it is contained in its own virtual computer. This means the program doesn’t have to be customized to work on various operating systems. Security wise, this means that the applet runs in a sandbox. The sandbox is the Java virtual machine that keeps the applet contained and controls its interaction with the host OS and system resources.

The next few items are pretty easy to deal with on the Security+ exam. There really isn’t too much that you have to know about them.
ActiveX is basically a way to make web pages do more than HTML is capable of. Let’s say you go to a photo website and want to upload your photos. With traditional web pages you would have to upload one photo at a time. So, that website might have an ActiveX control that you can install which allows you to upload hundreds of photos simultaneously. ActiveX just made life much easier!
But wait… If ActiveX makes web pages do more than HTML is capable of, couldn’t bad guys use it for evil? Absolutely! They could use it to erase all of your photos, or take control of your webcam and take some new photos, or just about anything else a program could do. You need to know this for the exam.
You also need to know that you can disable unauthorized ActiveX controls to protect your organization’s users from malicious code. This means they will have to upload one photo at a time unless an administrator authorizes it, but hey, they shouldn’t be doing that at work anyway!

When we talk about configuration baselines we are usually talking about the starting point for system construction. Applying a configuration baseline would be the first task performed on new systems. This is often done by deploying a standard image which is preconfigured with a set of consistent, required security settings. After that, the system would be updated with the latest patches and receive any additional configuration and software. Configuration baselines allow for easier security management by standardizing what could otherwise be a chaotic free-for-all.

You could also use a baseline as a measuring point to track deviations in security configuration. In this situation, the baseline would be taken after the initial configuration is complete. If some malware attempts to secretly alter the system it would be detected. By having a baseline, we have a comparison point to identify these changes.

Templates were traditionally used to paint shapes or letters that were all identical. Essentially, you could create one stencil that says “STOP” and paint it at every intersection in town. Every “STOP” in town would be uniform and look nice.
Security templates serve a similar purpose. They allow an administrator to apply uniform security settings to every system in an organization. When there is a corporate policy that defines the security configuration of systems, a template is a great way to make every system comply. If an organization purchases a large number of new computers, templates allow them all to be easily secured.
Administrators can also utilize user account templates to easily grant proper permissions to new users. For example, you could create a user named “new accounting user” and place it in all of the appropriate security groups to grant permissions for a typical accountant in your organization. Whenever a new accountant comes on board, you copy the “new accounting user” profile, put the new accountants name on it and they already have all the permissions they need. This will make sure that all accountants are granted identical permissions that comply with corporate policy.

If you have to manage a large number of computers, you don’t want to have to make configuration changes one by one. Group policies allow an administrator to centrally manage the configuration settings of systems on the network.

For example, a user can go the firewall settings on an individual system and turn it off. If there is a group policy that controls the firewall settings, individual users will not be able make changes to those settings. If you need to configure VPN settings in your domain, you can quickly and easily create one policy and apply it to every system enterprise wide. This is very powerful, so make sure you test your settings before you unleash them in the production environment. Almost every aspect of the user interface and security of a system can be set by using group policies.

So, now we’ve learned about patches. We should probably make sure we are taking care of this stuff. That’s patch management. As the bad guys discover new ways to harm us, vendors create patches to protect us. It is vital to our systems security to protect them with the latest patches.

The basic steps of patch management are:

Determine what patches are needed and download them

Check for the latest patches on a regular basis

Make sure it is coming from the vendor website and is not tampered with

Verify that the patch is relevant to your system or application

Test and install the patches

Test in a way that won’t affect production if the patch causes problems

Use automated delivery to push patches across the entire network

Verify that the patches are successfully applied.

Use patch management software to automate reports

The typical user is not doing these things. If you want your organization’s computers to be secure, patch management needs to be implemented in a way that takes care of every system on the network. Typically, patch management is an automated process. Utilize a server that can download and then push the approved patches out to every system on the network. The patches should not be approved for deployment until they are tested in a non-production environment. Following these guidelines will give you control over an important aspect to the security of your systems.

A patch is similar to a hotfix but differs in two main ways. First, a patch is typically larger than a hotfix. Second, a patch is less urgent and thus more thoroughly tested than a hotfix. A vendor patch may be released to fix a single security issue that has been discovered in their software. If a system is missing many vendor patches, there are probably many security vulnerabilities that can be exploited.

Another important note regarding patches concerns virtualization. Each virtual computer and the virtual host machine must all be patched individually.

You should also know that, despite vendor testing, there are innumerable scenarios that patches are introduced into. The vendor can’t possibly test absolutely every situation that could be encountered out in the wild world. Before you install a patch to your production environment, you should test it to verify that it doesn’t cause application errors in your systems.

Hotfixes and service packs each have their own unique features that differentiate them from patches. Make sure you know the difference.

A service pack is a collection of patches or fixes that are released by a vendor as a single installable package. Security fixes are almost always included. These are vendor tested patches released as a bundle, which saves you from having to install multiple patches individually. Once the service pack is installed, you only have to install the patches that are created after the service pack’s release.

Hotfixes and patches each have their own unique features that differentiate them from service packs. Make sure you know the difference.